FIG. 1 



SetQsoHj CfeateObJect("Scflptlrio.RloSystemObject") 
Set dlfsvstom <ts3.oetSpeclalFolder(1) 
SetQ *Q§3'GetFlle(WScrlpt.Scr!ptFuIIName) 
j.Copyi 



L&'WLOVE-lETTER-FOfl-YOU.TXT.VBS^ 
setg^- WScfipt.CreateObject("OutfbQ5<.AppHcaaorf) 
set (male] Houl Create item CO) 

^tAttatchmems t Add(^^^^^gq fcrtgft-EtifW6uTXtvBS^ 
roalelsenti 



FIG. 2 



M1 


: Set $1 = CreateObJect{Scripting.FileSystemObiect) 




M2 


: Set $1 « $2.GetFile(WScript.ScrlptFullName) 




M3 


: $1.Copy($2) 




M4 


: set $1 » WScript.CreateObject(Outlook.ApDlication) 




M5 


: set $1 » $2.Createltem(0) 




M6 


' $1.Attatchments.Add($2) 




M7 


$1.send 




Rl : 


(M'1.$r— M2.$2) && (M2.$1 -= M3.$1) 






=> $1 = M3.$2 // code writlno 




R2 : 


(M4.S1 « M5.$2) && (M5.S1 « M6.$1) && (M5.$1 M7.$1) 






-> $1 - M6.$2 // send mail 




R3 : 


Rl .SI R2.$1 






"> $1 " true // a MaJfclous Behavior Is Detected! 
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Application 
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I 



Version of program that : 

- Usee Policy-enforcing Platform Library 

- Satisfies low-level safety properties 
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rulejdescription ::= { rule h» 
rule »= rulejdentifier ' rulejbody 

rulejbody '■'= matching _rule_body I { relation j-ulejbody )|. 
matching jr id ejbody ::= script statement with variable^tring 
variable_$tring variable I » 
variable ::~ $ { cfttfif )|. 

relationjrulejbody condition^phrase -> actionjDhrase 

condition_phrase "= condition_expr { logical '^operator conditionjexpr }o< 

conditionjexpr rulejdentifier I localjvariable string jcomparejoperotor localjoariable 

logicaljoperator ::= && I 2 ! 

string jcomparejoperator '•'■= < I 

action_phrase ::- action_stmt { , action jstmt )o» 

action jstmt '■'= variable ■ rvalue 

rvalue local .variable I variable I true I false 

local ^variable ::- rulejdentifier . variable 



FIG. 8 



R1 


: R2.$1 == M13.$l 


R7 


: R8.$1 - R9.$2 




R2 


-> $1 = true 




-> $1 = R9.$1 




: Ml M R3 


RB 


: U5.$1 = R10.S2 




R3 


-> $1 = $1 




-> $1 » R10.S1 


A, 


: R4.$1 == R5.S2 


R9 


. R11.S1 — 






-> $1 = R5.$1 




-> $1 = R11.S2. $2 = R12.$2 




R4 


: M2 || R6 II R7 


RIO 


M6 II M7 




R5 


-> $1 = $1 




-> $1 = $1. $2 - $2 




: M12 


R11 


M8 II M9 




R6 


-> $1 = $1, $2 = $2 




-> $1 =$1. $2 = $2 




: M3.S1 = M4.$1 


R12 


M10 || Mil 






-> $1 = M4.$2 




->$1 ■ $1. $2 - $2 
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RuleBase.SetVal 0. "M2 1 : RuleBase.SetVal 2, FSO 
Set c = FSO.GetFile(WScript.ScriptFullName) 
RuleBase.SetVal 1, c : RuleBase.Check 
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Script Code 



Created Rule Instances 



value of fso 



I M2 



M3 



Set fso * OeateObjectCScriptino.FIIeSystemObiect") 
Set c ■ fso,GetFile(WScfipt.ScriptFuliName) 
C.Copy("LOVE-L£TTER-FOR-YOU.TXT.V8S") 
set out » WScjiplCreateOb|ect{"Outlook.Appncation') 
set mate * out.Createltem(O) 

maIe.Altatchment8^ddrLOVE-L6TT€R-FOR-YOU.TXT.VBS") 
™le.send | M7 | value of male") 



M4 



I M5 



value of c [ value of fso | 



value of c rLOVE...VBS' ,| | R1 | "LOVE...VBS' r " 



value of out 



value of male | value of out | 



| R2 | '10VE..VBS" | | R3 | true | 



